Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/b6m3S0YPrUgbt6A-QrRppv2bf6M.roa
File: b6m3S0YPrUgbt6A-QrRppv2bf6M.roa (raw, json)
Hash identifier: xhlSyFQ+WQgeG1X0BNR9GyBcOd2LI/idqZBZs4V6rNE=
Subject key identifier: 6F:A9:B7:4B:46:0F:AD:48:1B:B7:A0:3E:42:B4:69:A6:FD:9B:7F:A3
Certificate issuer: /CN=77c8d8bbf05797a75a49c5d70f5971ecdec6dd93
Certificate serial: 01856D4AD7241AD6E6E504CCA2A7BF062EBD
Authority key identifier: 77:C8:D8:BB:F0:57:97:A7:5A:49:C5:D7:0F:59:71:EC:DE:C6:DD:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8jYu_BXl6daScXXD1lx7N7G3ZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/b6m3S0YPrUgbt6A-QrRppv2bf6M.roa
Signing time: Sun 01 Jan 2023 12:24:59 +0000
ROA not before: Sun 01 Jan 2023 12:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 217.145.236.0/22 maxlen: 24
79.110.168.0/22 maxlen: 24
139.28.204.0/22 maxlen: 24
2a06:1e80::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:d7:24:1a:d6:e6:e5:04:cc:a2:a7:bf:06:2e:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77c8d8bbf05797a75a49c5d70f5971ecdec6dd93
Validity
Not Before: Jan 1 12:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fa9b74b460fad481bb7a03e42b469a6fd9b7fa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:06:78:df:35:be:fc:cc:9d:2e:02:19:e3:9a:
a6:79:b8:e0:a7:ca:ff:6a:e6:ee:77:d0:f4:18:e2:
75:2a:a3:2d:79:23:32:8c:0f:b6:57:55:1c:6f:d1:
7a:79:f3:99:85:1b:f9:2a:2c:0f:72:09:5b:73:83:
1b:a4:8d:73:13:1c:56:aa:56:7b:c1:d4:09:01:64:
fb:e6:07:f6:20:22:9a:07:a7:58:43:c4:91:c6:69:
4c:f5:b4:44:11:ae:1f:91:36:e3:e7:36:34:88:66:
9f:66:d5:17:87:85:ed:c3:ec:3e:41:80:16:c9:b2:
a5:ff:76:6b:84:27:90:87:90:da:9a:61:1d:de:67:
cb:92:2f:63:90:99:76:fd:f0:61:e8:ed:98:ad:c5:
d5:97:f4:ac:24:7b:c7:07:6c:0f:cf:9a:ed:8e:2f:
4a:d6:f2:5b:be:2c:ed:1d:c4:8c:b0:15:7a:76:8b:
de:fb:39:62:93:4c:0e:7c:61:45:0d:d7:23:ab:77:
ee:e5:b5:21:bc:2b:6c:40:b2:79:e3:cb:b6:4b:f7:
87:e6:30:04:e9:37:3e:0f:18:fa:9f:b9:34:0d:56:
30:9f:e6:6f:d8:68:5c:ca:5b:e9:1a:ed:13:59:b5:
48:4a:1c:30:9d:dd:72:19:09:53:5a:3f:66:b6:c3:
e7:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:A9:B7:4B:46:0F:AD:48:1B:B7:A0:3E:42:B4:69:A6:FD:9B:7F:A3
X509v3 Authority Key Identifier:
keyid:77:C8:D8:BB:F0:57:97:A7:5A:49:C5:D7:0F:59:71:EC:DE:C6:DD:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8jYu_BXl6daScXXD1lx7N7G3ZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/b6m3S0YPrUgbt6A-QrRppv2bf6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/d8jYu_BXl6daScXXD1lx7N7G3ZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.168.0/22
139.28.204.0/22
217.145.236.0/22
IPv6:
2a06:1e80::/29
Signature Algorithm: sha256WithRSAEncryption
0f:f1:3d:44:8f:01:35:63:da:dc:9e:b1:61:2f:99:bd:37:46:
c1:08:1b:80:d3:ab:d1:65:9e:97:98:fe:ee:77:80:41:0b:ef:
67:2b:30:98:ac:10:f9:c9:e7:45:1e:0a:74:92:5f:17:25:7c:
c3:04:74:b4:dd:df:7d:7f:a1:2e:46:00:0b:80:d2:2a:21:8c:
27:9d:b9:fe:16:02:84:59:0e:9b:90:06:aa:6d:92:25:66:77:
ff:cc:85:54:b2:6b:c2:28:7f:35:af:a1:b5:35:ac:1f:ac:4e:
e2:20:b1:72:e0:a1:e9:fc:24:3b:83:ef:ae:ca:a5:3b:a4:42:
ed:40:2a:76:78:27:6d:4f:4a:05:29:3c:e7:ea:9b:95:df:75:
70:14:4c:37:0a:ca:9f:43:bd:8a:61:45:04:cc:3c:03:23:bd:
4a:cf:58:08:ab:29:c1:57:9f:3f:a8:97:ed:24:b9:d3:21:9b:
98:1e:cb:14:02:45:13:8c:13:bf:05:3a:01:2a:83:b0:ed:7b:
52:fb:ac:eb:ab:1a:f2:22:83:b3:d7:4d:f9:12:71:d6:02:45:
b5:34:e0:bc:54:2d:bc:bc:6b:7a:9d:a5:0d:a4:37:93:78:a2:
0b:6a:4e:82:cb:aa:b8:fe:90:3c:1b:74:9a:12:b3:aa:93:dd:
1c:ca:49:ff
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVtStckGtbm5QTMoqe/Bi69MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YzhkOGJiZjA1Nzk3YTc1YTQ5YzVkNzBmNTk3MWVjZGVj
NmRkOTMwHhcNMjMwMTAxMTIyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmE5Yjc0YjQ2MGZhZDQ4MWJiN2EwM2U0MmI0NjlhNmZkOWI3ZmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwZ43zW+/MydLgIZ45qmebjgp8r/
aubud9D0GOJ1KqMteSMyjA+2V1Ucb9F6efOZhRv5KiwPcglbc4MbpI1zExxWqlZ7
wdQJAWT75gf2ICKaB6dYQ8SRxmlM9bREEa4fkTbj5zY0iGafZtUXh4Xtw+w+QYAW
ybKl/3ZrhCeQh5DammEd3mfLki9jkJl2/fBh6O2YrcXVl/SsJHvHB2wPz5rtji9K
1vJbviztHcSMsBV6dove+zlik0wOfGFFDdcjq3fu5bUhvCtsQLJ548u2S/eH5jAE
6Tc+Dxj6n7k0DVYwn+Zv2GhcylvpGu0TWbVIShwwnd1yGQlTWj9mtsPn4QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFG+pt0tGD61IG7egPkK0aab9m3+jMB8GA1UdIwQY
MBaAFHfI2LvwV5enWknF1w9Zcezext2TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDhqWXVfQlhsNmRhU2NYWEQxbHg3TjdHM1pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC80NWFiZGUtNWI0NC00NzFhLTkzZDkt
NTM0NWY3ZTc0MDgzLzEvYjZtM1MwWVByVWdidDZBLVFyUnBwdjJiZjZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC80NWFiZGUtNWI0NC00NzFhLTkzZDktNTM0NWY3ZTc0MDgz
LzEvZDhqWXVfQlhsNmRhU2NYWEQxbHg3TjdHM1pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCT26oAwQC
ixzMAwQC2ZHsMA0EAgACMAcDBQMqBh6AMA0GCSqGSIb3DQEBCwUAA4IBAQAP8T1E
jwE1Y9rcnrFhL5m9N0bBCBuA06vRZZ6XmP7ud4BBC+9nKzCYrBD5yedFHgp0kl8X
JXzDBHS03d99f6EuRgALgNIqIYwnnbn+FgKEWQ6bkAaqbZIlZnf/zIVUsmvCKH81
r6G1NawfrE7iILFy4KHp/CQ7g++uyqU7pELtQCp2eCdtT0oFKTzn6puV33VwFEw3
CsqfQ72KYUUEzDwDI71Kz1gIqynBV58/qJftJLnTIZuYHssUAkUTjBO/BToBKoOw
7XtS+6zrqxryIoOz1035EnHWAkW1NOC8VC28vGt6naUNpDeTeKILak6Cy6q4/pA8
G3SaErOqk90cykn/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:52 2025 by rpki-client